Alert Logic is researching a newly announced Linux vulnerability - CVE-2022-0847. This vulnerability would allow an attacker to overwrite data in arbitrary read-only files, which could lead to privilege escalation.
All Linux distributions running Linux kernel version 5.8 and later versions are affected with the exception of Linux 5.16.11, 5.15.25, and 5.10.102. Linux distributions that include the new patched kernels are limited. This article will be updated when more patches to affected Linux distributions are released.
Alert Logic appliances are not affected by this vulnerability.
For more information on this vulnerability and available patches, refer to the following resources:
More to Come
Alert Logic has kicked off the Emerging Threat process for this vulnerability. This article will be updated with new information about this vulnerability and related Alert Logic coverage as it becomes available. To follow updates for this vulnerability, click FOLLOW at the top of this article. You must be signed into the Support Center using your Alert Logic product credentials to follow this article.